Social Networking: A Boon and a Conundrum 




1888 PressRelease - Cyber criminals are finding ways to use social networking to their advantage. The best 
company policy is to provision comprehensive, mandatory training that can effectively reach everyone in your 
valuable group of employees. For security awareness training that is uniquely memorable, positive and thorough, 
visit www.CipherEx.com to learn more. 

Businesses, large and small, are recognizing the value of having a presence on social media. Making 
a human connection with potential customers, vendors and investors in a social environment like 
Facebook is an asset to any enterprise. For some, social media may be the best way to cultivate 
ongoing business relationships. It is not uncommon to hear managers talk of finding the perfect 
candidate for an unfilled position in the company by using sites like Facebook and Linkedln. 
Unfortunately, cyber criminals are also finding ways to use social networking to their advantage. 

Going public with a company profile on a social networking site can be tricky business. First and 
foremost, one needs a dedicated IT person who knows the safety ropes to create and manage it. 
Tight security settings and monitoring of daily activities on a corporate social media page is an 
absolute must. Most businesses choose to limit activities on the company page to team members 
who have considerable expertise in IT security. 

A more daunting problem can be introduced through the personal use of social media by employees. 
While it may seem counter-intuitive that personal activity, like communicating with friends on 
Facebook, could wreak havoc on your company's network, studies show that the most efficient 
means of warding off malware and cyber-crime on company networks is to educate the entire staff 
about the hazards that exist in social networking, how to recognize them and how to avoid them. 

What are the risks? 

Countless varieties of malware, including Trojans and phishing devices, weave their way through 
social media systems every day. Anyone can post a link on Facebook or Twitter. Links that lead to 
fraudulent URLs, worms, botnets and other attack devices are often cloaked in attractive invitations 
to click on or like a link. "Friend" requests from scammers are common, and are frequently offered to 
a user whose employer is being targeted. Malware is designed to steal private information that can 
lead to valuable data and a lucrative payoff. 

How can an employee's personal use of social media affect the enterprise? 

There is a world of complexity behind criminal activities on the Internet. Data leaks are common and, 
of course, not all of them lead to malware attacks. Perhaps the most common means of entry into a 
company's network occurs when an employee uses the same device for conducting business and 
personal activities on social media. If an employee has access to the company network through a 
mobile device, and also uses it for social communications, a conduit is opened that could result in 



disaster for the company. Other threats may not be so obvious: 

00 Posting the name of one's employer on Facebool< is common practice. However, if a crook is 
lool<ing for channels into a company's data, communications among friends or colleagues about 
events at work can provide too much information for someone with ill intentions. Situations at work, 
including a company's stock status, an upcoming marketing campaign, pay raises, policy changes 
and complaints, should never be a topic of discussion on an individual's social network page. 

00 Security settings can be regularly changed by social networks. Users should check settings 
regularly to be sure that a new point of entry has not been opened without their knowledge. An email 
address is required in order to set up a social profile. If security settings are compromised, a string of 
data can be obtained simply from a private email address falling into the wrong hands. 

The points presented here encompass only a fraction of what social network users need to know. 
Proper training can help alleviate the conundrum of unknowns facing your enterprise when it comes 
to social networking. The best company policy is to provision comprehensive, mandatory training 
that can effectively reach everyone in your valuable group of employees. For security awareness 
training that is uniquely memorable, positive and thorough, visit http://www.CipherEx.com to learn 
more. 

About CipherEx 

Since 2003, the people at CipherEx have been serving major global corporations with network and 
network security consulting, improving productivity and ROI in a more secure environment. The 
company's user awareness training covers key areas such as security in the office, password 
security, social engineering, securing data, sharing info/social networks, internet file sharing services, 
mobile data storage devices, data destruction and phishing/spear phishing in easy-to-understand 
video presentations that are a cost effective way to educate employees about cyber risks. To learn 
more, visit http://www.CipherEx.com. 
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